Fix a possible NULL pointer dereference in create_cert_store() In create_cert_store(), X509_STORE_new() is called and there is a dereference of it in following function X509_STORE_add_lookup() without check, which could lead to NULL pointer dereference. Fix this by adding a NULL check of X509_STORE_new() Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18057)

commit: 3f075967f664aac12951a1d7aa3124d9235cd299 [log] [tgz]
author: Zhou Qingyang <zhou1615@umn.edu> Thu Apr 07 00:48:09 2022 +0800
committer: Tomas Mraz <tomas@openssl.org> Thu Apr 21 08:34:09 2022 +0200
tree: 0198743659f5910b0173f2018d73ccab7c1f8960
parent: 4d50a5467b0a208c61d163239a3544bae06343ea [diff]
diff --git a/apps/ts.c b/apps/ts.c
index 2497c3b..e4a7515 100644
--- a/apps/ts.c
+++ b/apps/ts.c

@@ -980,6 +980,10 @@
     const char *propq = app_get0_propq();
 
     cert_ctx = X509_STORE_new();
+    if (cert_ctx == NULL) {
+        BIO_printf(bio_err, "memory allocation failure\n");
+        return NULL;
+    }
     X509_STORE_set_verify_cb(cert_ctx, verify_cb);
     if (CApath != NULL) {
         lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
commit	3f075967f664aac12951a1d7aa3124d9235cd299	[log] [tgz]
author	Zhou Qingyang <zhou1615@umn.edu>	Thu Apr 07 00:48:09 2022 +0800
committer	Tomas Mraz <tomas@openssl.org>	Thu Apr 21 08:34:09 2022 +0200
tree	0198743659f5910b0173f2018d73ccab7c1f8960
parent	4d50a5467b0a208c61d163239a3544bae06343ea [diff]